fastapi-jwt icon indicating copy to clipboard operation
fastapi-jwt copied to clipboard

Published 20 hours ago verified publisher icon k4black

Allow audience & issuer to be specified

Open Mongey opened this issue 1 year ago • 2 comments

👋 Hey,

When decoding a JWT, I need to specify an audience and issuer. Currently I get

Wrong token: Invalid audience

Looking at the code there's no way to pass in the intended audience or issuer.

with jose I would do

decoded = jwt.decode(token, public_key, algorithms=[alg], audience=aud, issuer=issuer)

Mongey avatar Jun 27 '23 20:06 Mongey

In my opinion this is a serious disadvantage of this library and the only one stopping me from getting it to work. I'd recommend allowing passing arbitrary parameters to the init method of JwtAccessBearer that can be used by jose's decode method.

JoshuaMathias avatar Dec 05 '23 19:12 JoshuaMathias

I added fixes for this and other payload-related issues: https://github.com/k4black/fastapi-jwt/pull/26 Edit: To avoid waiting, this is now found on pip: https://pypi.org/project/fastapi-jwt-extended/1.0.0/

JoshuaMathias avatar Dec 05 '23 20:12 JoshuaMathias